Open Source · Live Now

Control Your Claw.

Every action scored. Every promotion earned. Every decision logged.

TelsonBase keeps AI agents honest. Every action is scored against five principles in real time. Every promotion is a human judgment call. The platform enforces balanced autonomy - your agents, your rules, your hardware. What they earn is yours to decide.

Get Started Try Live Demo
The Solution

Trust is earned.
Act out of bounds and you lose it.

Every agent registers at zero - no tools, no external access, no autonomy. They earn their way up through demonstrated behavior and human approval, one verified action at a time. And they can lose it instantly. Demotion skips levels. Misbehave enough and it's back to Quarantine, no matter how high they climbed.

Quarantine

All actions require human approval. Read-only tools only. Zero autonomous execution.

Probation

Internal tools allowed. External calls still gated. Write access requires approval.

Resident

Read/write autonomous. High-risk actions (financial, delete, new domains) still gated.

Citizen

Full autonomous operation. Anomaly-flagged actions require approval. Demonstrated reliability.

Agent

Full earned autonomy. Anomalies are advisory only - logged, not gating. Pre-authorized action profile. Trust fully earned.

Promotion is sequential and requires explicit human authorization. The score opens the door - a human walks the agent through it. Demotion is instant and can skip levels. Manners scores below 50% trigger automatic demotion to Quarantine.

How It Works

Five principles. One live score.

TelsonBase measures every agent action against five principles developed through years of practical AI deployment work. The score is live, moves with every action, and is the same data the human uses to decide what an agent has earned. Not a report. Not a checkbox. A number that means something.

Human Control

Agents operate autonomously within defined boundaries. Destructive, irreversible, or trust-crossing actions require explicit human approval before execution.

Transparency

Every agent action is logged to a cryptographic audit chain. Users see what agents did, why, and what they plan to do next. Nothing is hidden.

Value Alignment

Agents act within their defined role. Behavioral baselines detect deviations. When uncertain, agents escalate to humans rather than assume.

Privacy

Data never crosses tenant boundaries. No telemetry, no cloud callbacks. All agent operations run on your own hardware - your data stays yours.

Security

Zero-trust architecture with cryptographic message signing between all agents. Nonce replay protection. Tamper-evident audit chain on every action.

Every principle is scored at runtime with measurable KPIs.

See It Work

Pick a tier. Pick a tool.
See it governed.

Every AI agent that talks to TelsonBase passes through an 8-step pipeline before any tool executes. Select a trust tier and a tool below to see the decision. Watch what happens to the Manners Score when an action is blocked.

Trust tiers define what an agent is allowed to do autonomously, what requires human approval, and what is blocked outright. Tiers are earned through demonstrated behavior and human authorization - never assigned at setup.

Full pipeline docs on GitHub  · 

Manners Score

1.00 Live Score

Submit a blocked action - watch the score drop.

1.00 - 0.75   Satisfactory
0.74 - 0.50   Warning
Below 0.50   Auto-demote to Quarantine
Below 0.25   Auto-suspend
The Problem

AI agents ship without guardrails. That gap has consequences.

OpenClaw-class agents have 194,000+ GitHub stars and no built-in governance layer. No mandatory oversight. No behavioral scoring. No trust tiers. API keys exposed at scale. Malicious skills in the supply chain. Agents get capability by default - oversight has to be added deliberately.

0
GitHub stars in 82 days
0
Exposed instances (Kaspersky)
0
Malicious skills discovered
1-Click
RCE exploit chain (CVE-2026-25253)

If you are running an agent, these numbers describe your exposure. TelsonBase is the governance layer that should have shipped with the agent.

Guiding Layer

You provide direction.
TelsonBase provides enforcement.

You (Strategic Direction) Set policy, approve promotions, define boundaries
↓ HITL approval gates ↓
TelsonBase (Deterministic Enforcement) Trust levels, Manners scoring, anomaly detection, audit chain
↓ governed MCP proxy ↓
AI Agent (Earned Autonomy) Operates within earned trust level, never self-promotes

Enforcement that doesn’t depend on the model being right

TelsonBase doesn't just restrict agents - it governs them. You provide strategic direction. The platform provides deterministic enforcement that can’t be prompt-injected, hallucinated away, or bypassed by a clever instruction.

This is the difference: model-level guardrails can be prompt-injected. TelsonBase's enforcement is architectural. Even if an agent produces a malicious instruction, it cannot execute unless the agent's machine identity has the specific, time-scoped rights to perform that action.

  • 8-step governance pipeline evaluated on every action
  • SHA-256 hash-chained cryptographic audit trail
  • Kill switch - instantly suspend any agent, all actions rejected
  • Manners compliance scoring against five behavioral principles
  • Nonce replay protection on every request
  • Egress control - no unauthorized external calls
Verified, Not Just Claimed

Five levels of automated security testing

We don't just say it's secure. We run injection attacks, kill infrastructure mid-request, fuzz every API endpoint with 100,000+ generated payloads, and measure what happens.

0
API operations fuzz-tested
0
Generated test cases
0
Server errors under fuzzing
0
Lines of code scanned
0
High-severity findings
0
Test levels passed
0
Concurrent requests handled
0
Third-party data dependencies

Security · Chaos/Resilience · API Contract · Performance/Load · Static Analysis - all passing. Tested with Schemathesis, Bandit, and pip-audit.

In Action

See TelsonBase work

Real governance decisions. Real kill switches. Real human-in-the-loop approvals. Your agents, your rules.

TelsonBase governance block demo
Watch Now

Governance Block

An agent tries to call a blocked tool. TelsonBase intercepts at step 4 of the governance pipeline and rejects the action before it executes.
TelsonBase kill switch demo
Watch Now

Kill Switch

One API call suspends any agent instantly. All subsequent actions are rejected at the governance gate - no re-entry until a human administrator reinstates.
TelsonBase HITL reject demo
Watch Now

HITL - Reject

A high-risk action triggers the human-in-the-loop gate. The reviewer rejects it. The agent receives a denial and cannot proceed.
TelsonBase HITL approve demo
Watch Now

HITL - Approve

A gated action awaits human review. The reviewer approves it. The agent proceeds with the confirmed action logged to the audit trail.

Full source and governance pipeline at github.com/QuietFireAI/TelsonBase.

Try the Live Demo →
The Promise

Keep your data where it belongs.

Every AI platform asks you to trust their cloud with your most sensitive data. TelsonBase doesn't. All AI processing runs on your hardware. All encryption keys are yours. Data only leaves your network when you explicitly allow it - and every outbound request is logged, governed, and auditable.

Attorney-Client Privilege Preserved

Client communications, case strategy, and work product stay on your infrastructure. No cloud provider can be subpoenaed for data they never received.

Patient Data Protected

Patient health information is encrypted, de-identified using all 18 HIPAA Safe Harbor identifiers, and never transmitted without explicit authorization.

Your Hardware, Your AI

All AI processing runs on your own machines. No OpenAI. No Google. No data sent to third-party services. Your information physically stays on your hardware unless you choose otherwise.

Open Source, Enterprise-Grade

The same security stack built for law firms and clinics runs on your home server. Every line of code is public. Every claim is verifiable. Open source under Apache 2.0 - free for any use, personal or commercial.

What You Get

Contract-ready documentation, out of the box

Every deployment includes the compliance documentation your prospects, auditors, and legal teams require.

SOC 2

SOC 2 Type I Report

51 controls across 5 Trust Service Criteria with management assertion and evidence mapping.

DPA

Data Processing Agreement

13-section customer-ready template with 3 annexes and placeholder brackets for client details.

PEN

Pen Test Preparation

Attack surface inventory of 177 endpoints, OWASP Top 10 mapping, scoped test plan for third-party assessors.

DR

Disaster Recovery

Automated DR test script with RPO/RTO measurement. RPO=24hr, RTO=15min verified.

SRM

Shared Responsibility Matrix

12-domain table clarifying customer vs. TelsonBase obligations for every security control.

HA

High Availability Architecture

Docker Swarm and Kubernetes deployment paths with component HA strategies and data replication matrix.

Self-Hosted Stack

Everything runs on your hardware

No SaaS dependencies. No OpenAI, Google cloud or external API calls for core functionality. Your local VRAM, your residential IP, your data sovereignty.

Py
FastAPI
Pg
PostgreSQL
Rd
Redis
Ol
Ollama
Tk
Traefik
Cl
Celery
Mq
MQTT
Pm
Prometheus
Gf
Grafana
Dk
Docker

Strong enough for a law firm.
Made for you and me.

Because everybody deserves the best.

Get Started

Three steps. Your hardware. Your rules.

Whether you're a solo user with a spare PC or a firm with a server rack, getting started is the same.

1

Clone from GitHub

TelsonBase is live on GitHub under Apache 2.0. Clone the repo and grab the setup guide from the docs folder. No sign-up, no waitlist - just your hardware and the code.

2

Install on your machine

A computer, a NAS, a mini-PC in a closet. TelsonBase runs wherever Docker runs. The installer downloads everything you need, including your local AI model.

3

You're in control

Your AI agents start at Quarantine with zero permissions. You decide when they earn more. Every action is logged, every decision is yours. That's it.

Get notified of releases, security advisories, and project updates.

No spam. We’ll reach out when milestones hit - nothing else.

Common Questions

FAQ

What does "Control Your Claw" mean?

"Claw" refers to autonomous AI agents like OpenClaw that can take actions on your behalf - reading files, calling APIs, executing code, sending messages. These agents are powerful, but without governance they're a security crisis. TelsonBase acts as a governed MCP proxy: the agent connects to TelsonBase, and every action is evaluated against trust levels, Manners compliance, anomaly detection, and approval gates before execution. You control the claw. It doesn't control you.

How do trust levels work?

Every agent starts at Quarantine with zero autonomous permissions. Promotion to Probation, Resident, Citizen, and Agent requires explicit human approval and demonstrated behavioral compliance. Demotion is instant and can skip levels - any agent whose Manners compliance score drops below 50% is automatically demoted to Quarantine. The fifth tier, Agent, represents full earned autonomy: anomalies are advisory only, not gating. Trust is earned sequentially and revoked immediately at any level.

Does any client data leave my network?

No. TelsonBase ships with Ollama - a local AI model runner that operates entirely on your hardware. Your AI inference never touches OpenAI, Anthropic, Google, or any cloud LLM service. You do not need a cloud API key, a cloud account, or an internet connection once the initial setup is complete. No prompt you send, no data your agents process, and no governance decision ever leaves your network. Your encryption keys, your data, your infrastructure. We cannot access your data even if we wanted to.

What compliance frameworks does TelsonBase support?

SOC 2 Type I (51 controls documented), HIPAA/HITECH (full Security Rule mapping), HITRUST CSF (12 domains), CJIS, GDPR, PCI DSS, ABA Model Rules, and FRCP Rule 37(e) for legal hold. Every control maps to a source file and a passing test.

What happens if an agent goes rogue?

TelsonBase has a kill switch. One API call suspends any agent instance immediately. All actions are rejected at step 2 of the governance pipeline - before trust levels, before Manners compliance, before everything. The agent cannot reinstate itself. Only a human administrator can restore it after review.

How is this different from ChatGPT Enterprise or Microsoft Copilot?

Those products send your data to their clouds and give agents broad autonomy by default. TelsonBase does neither. Your data physically cannot leave your network. And every agent starts at Quarantine with zero permissions, earning trust through demonstrated behavior. For firms handling privileged communications or protected health information, both of those distinctions are the entire point.

Can I deploy this on my own hardware?

Yes. TelsonBase is designed for self-hosted deployment via Docker Compose. It runs on a NAS, a rack server, or a VM. Your local VRAM for inference, your residential IP for network identity. No cloud account required.

Do I need to be technical to use this?

You'll need basic comfort with installing software. If you've ever set up a home media server, installed an app on a NAS, or followed a step-by-step guide to set up a router, you can run TelsonBase. We're building plain-language setup guides and a guided installer to make this as approachable as possible. The same platform running at law firms will run on your home server - and we want both audiences to succeed.

Is TelsonBase free?

Yes. TelsonBase is open source under the Apache License 2.0. The full codebase - every security rule, every governance engine, every audit mechanism - is public. Use it for any purpose: personal, commercial, production, research. No paywalls, no commercial license required. Enterprise support and consulting are available through Quietfire AI.

What's on the roadmap?

The current release is the governance engine: trust tiers, Manners compliance, kill switch, HITL approval gates, cryptographic audit trail, and the full API. What's next is the interface that makes it approachable without reading API docs. The first build sprint after launch focuses on: a browser-based agent dashboard (trust level, Manners score, violation history, and recent actions in one view), demotion explanation cards (when a score drops, you see exactly which actions caused it and which principle was violated), a guided agent registration flow, and a read-only audit log viewer. The API already exposes everything needed for all of it. The governance engine is done - the dashboard catches up next.

Stay in the loop.

Open source under Apache 2.0. Self-hosted, free for any use. Drop your email and we’ll reach out when something worth knowing happens - major releases, security advisories, what’s next.